Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack

In this paper, we present a model developed for Electric Power Management Systems (EPMS) and Supervisory Control and Data Acquisition (SCADA) systems that allows us to calculate device vulnerability and help power substation operators and administrators identify and harden those portions of the control system that are most vulnerable to cyber attack. We use graph theory to model electric power control and protection devices, and their associated connectivity. We introduce the concept of a device visibility path and use a small Prolog application to calculate a device vulnerability level for a target device within a hypothetical power substation. Our model sets the basis for a prototype expert system capable of answer questions about EPMS and SCADA systems such as: “Which is the most vulnerable device of our power substation under an attack scenario?” and “Why is this device highly vulnerable?” Although our focus and examples center on electric power control systems, our work has application in all real-time complex control systems, especially those found within critical infrastructures supporting today’s modern digital societies.